The Hosted Exchange Attack of December 2, 2022 on Rackspace Technology caused a massive outage for thousands of its customers, forcing the Racker team to work hard over the holidays in order to restore their customer data.
A ransomware attack on a hosted Exchange email environment, like the one on Rackspace, involves a malicious actor or group (PLAY in this case) encrypting the data on the servers, making it inaccessible to legitimate users. The attackers then demand payment, typically in the form of cryptocurrency, in exchange for the decryption key to restore access to the data. These attacks can have a significant impact on the operation of a business, as email is often a critical tool for communication and collaboration.
To protect against such an attack, it’s important to have regular backups of all data, including email, stored on separate, secure systems that are not connected to the network. This way, even if the ransomware encrypts the data on the servers, the business can restore the data from the backups without having to pay the ransom, thus mitigating the risk of a successful attack.
According to the latest updates from Rackspace, the Hosted Exchange email environment was already being planned for migration to Microsoft 365 even before this security incident.
Microsoft Office 365 for business is a subscription-based version of Office 365 that includes additional features and services specifically tailored for use by organizations. It includes all the standard Office applications like Word, Excel, PowerPoint, and Outlook, as well as other cloud-based services such as Exchange Online (hosted email service), SharePoint Online (cloud-based collaboration and document management platform), and Skype for Business (video and audio conferencing).
It also includes tools for managing and securing user accounts, such as Azure Active Directory, which can be used to manage user authentication and access to different services. A few of the built-in security measures that Office 365 for Business offers to help protect sensitive data and keep it safe from unauthorized access are:
- Advanced threat protection: It uses machine learning and other advanced techniques to detect and block potential threats, such as malware, phishing, and spam.
- Multi-factor authentication: It supports multi-factor authentication, which requires users to provide another form of authentication, such as a security code sent to their phone, in addition to their password. This helps to prevent unauthorized access to accounts.
- Encryption: It uses encryption to protect data both in transit and at rest, ensuring that sensitive information is secure and private.
- Data loss prevention: It includes tools to help prevent data loss, such as the ability to set policies for data retention, archiving, and eDiscovery.
- Compliance: It is designed to help organizations meet regulatory compliance requirements, such as HIPAA, SOC 2, and ISO 27001.
- Regular security updates: Microsoft regularly releases security updates to Office 365 to ensure that the platform stays up-to-date with the latest threats and vulnerabilities.
It’s important to note that while Office 365 has several built-in security features, it is still up to the user to configure and use them correctly and to follow best practices for security. For example, using strong and unique passwords, enabling multi-factor authentication, and regularly backing up important data can help to further protect against cyber attacks.